Votes | Average: 0 out of 5 Votes | Average: 0 out of 5 Votes | Average: 0 out of 5 Votes | Average: 0 out of 5 Votes | Average: 0 out of 5 (Be the first to rate this article) Loading ... Loading ...

by Mike Zazaian September 25, 2006 - 2:15pm, 2 Comments

Mozilla's Firefox logo

Computer security giant Symantec has released a rundown of browser vulnerabilities for the past six months. And while internet security problems have seen a marked increase overall, new risks with Firefox may be especially alarming.

While Mozilla’s flagship browser Firefox claimed a modest 17 vulnerabilities last year, that number has jumped sharply to 47 in 2006. According to Symantec as much as 69 percent of security risks involve web applications, meaning Firefox’s increased vulnerabilities could mean big trouble for fans of the open-source browser.

Symantec said in the report, released today, that a record 2,249 new vulnerabilities were seen in the first half of 2006. The number represents the greatest jump in vulnerabilities seen in a single period, an 18 percent increase over the previous sis months. Firefox, however, is way ahead of the 18 percent curve, reporting nearly a 200 percent increase in security flaws.

Microsoft’s Internet Explorer 6 also showed an increase in flaws, jumping to 37 from 25 in the last period, as did Apple’s Safari, which doubled from a paltry 6 to a less paltry 12. Opera was the only browser that actually showed a decrease in vulnerabilities, falling from 9 last period to 7 in the first half of 2006.

A chart of browser vulnerabilities, courtesy of ars technica

Luckily it’s not all bad news for the Mozilla foundation and the 17 percent of internet users who surf with Firefox. The support also suggests that Mozilla repairs known vulnerabilities more quickly than the developers of any other browser, taking the company only a single day to fix exploits after they’re recognized. Microsoft, however, took an average of 9 days to patch known security issues in Internet Explorer, up from 25 in the previous period. Opera showed a significant improvement from 19 days-to-patch down to 2, while Safari slowed a bit to five days, up from zero last period .

Data from the report came from the network of 40,000 computers that Symantec uses to get a sense of real world security, a system that operates much in the same way as Nielsen ratings track TV usage. Information in the report spans a six month period beginning on January 1st, 2006.

[Symantec Press Release]